提交 98186eb4 编写于 作者: V Viktor Dukhovni

Backwards-compatibility subject to OPENSSL_API_COMPAT

Provide backwards-compatiblity for functions, macros and include
files if OPENSSL_API_COMPAT is either not defined or defined less
than the version number of the release in which the feature was
deprecated.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 cddd424a
...@@ -4,6 +4,35 @@ ...@@ -4,6 +4,35 @@
Changes between 1.0.2e and 1.1.0 [xx XXX xxxx] Changes between 1.0.2e and 1.1.0 [xx XXX xxxx]
*) Revert default OPENSSL_NO_DEPRECATED setting. Instead OpenSSL
continues to support deprecated interfaces in default builds.
However, applications are strongly advised to compile their
source files with -DOPENSSL_API_COMPAT=0x10100000L, which hides
the declarations of all interfaces deprecated in 0.9.8, 1.0.0
or the 1.1.0 releases.
In environments in which all applications have been ported to
not use any deprecated interfaces OpenSSL's Configure script
should be used with the --api=1.1.0 option to entirely remove
support for the deprecated features from the library and
unconditionally disable them in the installed headers.
Essentially the same effect can be achieved with the "no-deprecated"
argument to Configure, except that this will always restrict
the build to just the latest API, rather than a fixed API
version.
As applications are ported to future revisions of the API,
they should update their compile-time OPENSSL_API_COMPAT define
accordingly, but in most cases should be able to continue to
compile with later releases.
The OPENSSL_API_COMPAT versions for 1.0.0, and 0.9.8 are
0x10000000L and 0x00908000L, respectively. However those
versions did not support the OPENSSL_API_COMPAT feature, and
so applications are not typically tested for explicit support
of just the undeprecated features of either release.
[Viktor Dukhovni]
*) Add support for setting the minimum and maximum supported protocol. *) Add support for setting the minimum and maximum supported protocol.
It can bet set via the SSL_set_min_proto_version() and It can bet set via the SSL_set_min_proto_version() and
SSL_set_max_proto_version(), or via the SSL_CONF's MinProtocol and SSL_set_max_proto_version(), or via the SSL_CONF's MinProtocol and
......
...@@ -35,6 +35,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta ...@@ -35,6 +35,9 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# #
# --cross-compile-prefix Add specified prefix to binutils components. # --cross-compile-prefix Add specified prefix to binutils components.
# #
# --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for
# interfaces deprecated as of the specified OpenSSL version.
#
# no-hw-xxx do not compile support for specific crypto hardware. # no-hw-xxx do not compile support for specific crypto hardware.
# Generic OpenSSL-style methods relating to this support # Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware # are always compiled but return NULL if the hardware
...@@ -137,6 +140,16 @@ my $bits2="SIXTY_FOUR_BIT "; ...@@ -137,6 +140,16 @@ my $bits2="SIXTY_FOUR_BIT ";
# seems to be sufficient? # seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT"; my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
#
# API compability name to version number mapping.
#
my $maxapi = "1.1.0"; # API for "no-deprecated" builds
my $apitable = {
"1.1.0" => "0x10100000L",
"1.0.0" => "0x10000000L",
"0.9.8" => "0x00908000L",
};
# table of known configurations, read in from files # table of known configurations, read in from files
# #
# The content of each entry can take one of two forms: # The content of each entry can take one of two forms:
...@@ -890,7 +903,6 @@ my @disablables = ( ...@@ -890,7 +903,6 @@ my @disablables = (
# All of the following is disabled by default (RC5 was enabled before 0.9.8): # All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment" [or special keyword "experimental"] my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
"deprecated" => "default",
"ec_nistp_64_gcc_128" => "default", "ec_nistp_64_gcc_128" => "default",
"jpake" => "experimental", "jpake" => "experimental",
"md2" => "default", "md2" => "default",
...@@ -932,6 +944,7 @@ my $openssl_other_defines; ...@@ -932,6 +944,7 @@ my $openssl_other_defines;
my $libs; my $libs;
my $target; my $target;
my $options; my $options;
my $api;
my $make_depend=0; my $make_depend=0;
my %withargs=(); my %withargs=();
my $build_prefix = "release_"; my $build_prefix = "release_";
...@@ -1086,6 +1099,10 @@ PROCESS_ARGS: ...@@ -1086,6 +1099,10 @@ PROCESS_ARGS:
{ {
$prefix=$1; $prefix=$1;
} }
elsif (/^--api=(.*)$/)
{
$api=$1;
}
elsif (/^--libdir=(.*)$/) elsif (/^--libdir=(.*)$/)
{ {
$libdir=$1; $libdir=$1;
...@@ -1157,6 +1174,10 @@ PROCESS_ARGS: ...@@ -1157,6 +1174,10 @@ PROCESS_ARGS:
} }
} }
if (defined($api) && !exists $apitable->{$api}) {
die "***** Unsupported api compatibility level: $api\n",
}
if (keys %unsupported_options) if (keys %unsupported_options)
{ {
die "***** Unsupported options: ", die "***** Unsupported options: ",
...@@ -1542,11 +1563,10 @@ if ($zlib) ...@@ -1542,11 +1563,10 @@ if ($zlib)
} }
} }
#Build the library with OPENSSL_USE_DEPRECATED if deprecation is not disabled # With "deprecated" disable all deprecated features.
if(!defined($disabled{"deprecated"})) if (defined($disabled{"deprecated"})) {
{ $api = $maxapi;
$cflags = "-DOPENSSL_USE_DEPRECATED $cflags"; }
}
# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
my $shared_mark = ""; my $shared_mark = "";
...@@ -1744,7 +1764,7 @@ open(IN,'<include/openssl/opensslv.h') || die "unable to read opensslv.h:$!\n"; ...@@ -1744,7 +1764,7 @@ open(IN,'<include/openssl/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>) while (<IN>)
{ {
$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /; $version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
$version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/; $version_num=$1 if /OPENSSL.VERSION.NUMBER.*(0x\S+)/;
$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/; $shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/; $shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
} }
...@@ -1763,6 +1783,12 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/) ...@@ -1763,6 +1783,12 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
$shlib_minor=$2; $shlib_minor=$2;
} }
if (defined($api)) {
my $apiflag = sprintf("-DOPENSSL_API_COMPAT=%s", $apitable->{$api});
$default_depflags .= " $apiflag";
$cflags .= " $apiflag";
}
my $ecc = $cc; my $ecc = $cc;
$ecc = "clang" if `$cc --version 2>&1` =~ /clang/; $ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
...@@ -1991,6 +2017,11 @@ print OUT "#ifdef __cplusplus\n"; ...@@ -1991,6 +2017,11 @@ print OUT "#ifdef __cplusplus\n";
print OUT "extern \"C\" {\n"; print OUT "extern \"C\" {\n";
print OUT "#endif\n"; print OUT "#endif\n";
print OUT "/* OpenSSL was configured with the following options: */\n"; print OUT "/* OpenSSL was configured with the following options: */\n";
my $openssl_api_defines = "";
if (defined($api)) {
$openssl_api_defines = sprintf "#define OPENSSL_MIN_API %s\n", $apitable->{$api};
}
my $openssl_algorithm_defines_trans = $openssl_algorithm_defines; my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg; $openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg;
$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg; $openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg;
...@@ -1999,9 +2030,11 @@ $openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algori ...@@ -1999,9 +2030,11 @@ $openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algori
$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; $openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; $openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; $openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
print OUT $openssl_sys_defines; print OUT $openssl_sys_defines;
print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n"; print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
print OUT $openssl_experimental_defines; print OUT $openssl_experimental_defines;
print OUT $openssl_api_defines;
print OUT "\n"; print OUT "\n";
print OUT $openssl_algorithm_defines; print OUT $openssl_algorithm_defines;
print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n"; print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
...@@ -2162,7 +2195,7 @@ EOF ...@@ -2162,7 +2195,7 @@ EOF
# create the ms/version32.rc file if needed # create the ms/version32.rc file if needed
if ($IsMK1MF && ($target !~ /^netware/)) { if ($IsMK1MF && ($target !~ /^netware/)) {
my ($v1, $v2, $v3, $v4); my ($v1, $v2, $v3, $v4);
if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) { if ($version_num =~ /^0x([0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})L$/i) {
$v1=hex $1; $v1=hex $1;
$v2=hex $2; $v2=hex $2;
$v3=hex $3; $v3=hex $3;
......
...@@ -23,6 +23,11 @@ ...@@ -23,6 +23,11 @@
o EC revision: now operations use new EC_KEY_METHOD. o EC revision: now operations use new EC_KEY_METHOD.
o Support for OCB mode added to libcrypto o Support for OCB mode added to libcrypto
o Support for asynchronous crypto operations added to libcrypto and libssl o Support for asynchronous crypto operations added to libcrypto and libssl
o Deprecated interfaces can now be disabled at build time either
relative to the latest relate via the "no-deprecated" Configure
argument, or via the "--api=1.1.0|1.0.0|0.9.8" option.
o Application software can be compiled with -DOPENSSL_API_COMPAT=version
to ensure that features deprecated before that version are not exposed.
Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]
......
...@@ -109,6 +109,7 @@ ...@@ -109,6 +109,7 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
#include <openssl/opensslconf.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include "bn_lcl.h" #include "bn_lcl.h"
...@@ -119,7 +120,7 @@ struct bn_blinding_st { ...@@ -119,7 +120,7 @@ struct bn_blinding_st {
BIGNUM *Ai; BIGNUM *Ai;
BIGNUM *e; BIGNUM *e;
BIGNUM *mod; /* just a reference */ BIGNUM *mod; /* just a reference */
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10000000L
unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; used unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; used
* only by crypto/rsa/rsa_eay.c, rsa_lib.c */ * only by crypto/rsa/rsa_eay.c, rsa_lib.c */
#endif #endif
...@@ -271,7 +272,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, ...@@ -271,7 +272,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
return (ret); return (ret);
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10000000L
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b) unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
{ {
return b->thread_id; return b->thread_id;
......
...@@ -62,11 +62,12 @@ ...@@ -62,11 +62,12 @@
#include <time.h> #include <time.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include "bn_lcl.h" #include "bn_lcl.h"
#include <openssl/opensslconf.h>
#include <openssl/rand.h> #include <openssl/rand.h>
static void *dummy = &dummy; static void *dummy = &dummy;
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x00908000L
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *rem, const BIGNUM *add, const BIGNUM *rem,
void (*callback) (int, int, void *), void *cb_arg) void (*callback) (int, int, void *), void *cb_arg)
......
...@@ -65,9 +65,10 @@ ...@@ -65,9 +65,10 @@
#include <limits.h> #include <limits.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include "bn_lcl.h" #include "bn_lcl.h"
#include <openssl/opensslconf.h>
/* This stuff appears to be completely unused, so is deprecated */ /* This stuff appears to be completely unused, so is deprecated */
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x00908000L
/*- /*-
* For a 32 bit machine * For a 32 bit machine
* 2 - 4 == 128 * 2 - 4 == 128
...@@ -258,7 +259,7 @@ void BN_free(BIGNUM *a) ...@@ -258,7 +259,7 @@ void BN_free(BIGNUM *a)
if (a->flags & BN_FLG_MALLOCED) if (a->flags & BN_FLG_MALLOCED)
OPENSSL_free(a); OPENSSL_free(a);
else { else {
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x00908000L
a->flags |= BN_FLG_FREE; a->flags |= BN_FLG_FREE;
#endif #endif
a->d = NULL; a->d = NULL;
......
...@@ -59,10 +59,11 @@ ...@@ -59,10 +59,11 @@
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/dh.h> #include <openssl/dh.h>
#include <openssl/opensslconf.h>
static void *dummy = &dummy; static void *dummy = &dummy;
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x00908000L
DH *DH_generate_parameters(int prime_len, int generator, DH *DH_generate_parameters(int prime_len, int generator,
void (*callback) (int, int, void *), void *cb_arg) void (*callback) (int, int, void *), void *cb_arg)
{ {
......
...@@ -75,8 +75,9 @@ static void *dummy = &dummy; ...@@ -75,8 +75,9 @@ static void *dummy = &dummy;
#include <openssl/dsa.h> #include <openssl/dsa.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/sha.h> #include <openssl/sha.h>
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x00908000L
DSA *DSA_generate_parameters(int bits, DSA *DSA_generate_parameters(int bits,
unsigned char *seed_in, int seed_len, unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, int *counter_ret, unsigned long *h_ret,
......
...@@ -118,6 +118,7 @@ ...@@ -118,6 +118,7 @@
#include <openssl/buffer.h> #include <openssl/buffer.h>
#include <openssl/bio.h> #include <openssl/bio.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/opensslconf.h>
DECLARE_LHASH_OF(ERR_STRING_DATA); DECLARE_LHASH_OF(ERR_STRING_DATA);
DECLARE_LHASH_OF(ERR_STATE); DECLARE_LHASH_OF(ERR_STATE);
...@@ -861,7 +862,7 @@ void ERR_remove_thread_state(const CRYPTO_THREADID *id) ...@@ -861,7 +862,7 @@ void ERR_remove_thread_state(const CRYPTO_THREADID *id)
int_thread_del_item(&tmp); int_thread_del_item(&tmp);
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10000000L
void ERR_remove_state(unsigned long pid) void ERR_remove_state(unsigned long pid)
{ {
ERR_remove_thread_state(NULL); ERR_remove_thread_state(NULL);
......
...@@ -57,7 +57,9 @@ ...@@ -57,7 +57,9 @@
* *
*/ */
#ifdef OPENSSL_NO_DEPRECATED #include <openssl/opensslconf.h>
#if OPENSSL_API_COMPAT >= 0x00908000L
static void *dummy = &dummy; static void *dummy = &dummy;
#else #else
......
...@@ -61,6 +61,7 @@ ...@@ -61,6 +61,7 @@
#include <string.h> #include <string.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include <openssl/hmac.h> #include <openssl/hmac.h>
#include <openssl/opensslconf.h>
#include "hmac_lcl.h" #include "hmac_lcl.h"
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
...@@ -127,7 +128,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, ...@@ -127,7 +128,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
return 0; return 0;
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10100000L
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md) int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
{ {
if (key && md) if (key && md)
......
/* crypto/opensslconf.h.in */ /* crypto/opensslconf.h.in */
/* /*
* Applications should use -DOPENSSL_USE_DEPRECATED to enable access to * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
* deprecated functions. But if the library has been built to disable * declarations of functions deprecated in or before <version>. Otherwise, they
* deprecated functions then this will not work * still won't see them if the library has been built to disable deprecated
* functions.
*/ */
#if defined(OPENSSL_NO_DEPRECATED) && defined(OPENSSL_USE_DEPRECATED) #if defined(OPENSSL_NO_DEPRECATED)
#error "OPENSSL_USE_DEPRECATED has been defined, but OpenSSL has been built without support for deprecated functions" # define DECLARE_DEPRECATED(f)
#elif __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
#else
# define DECLARE_DEPRECATED(f) f;
#endif
#ifndef OPENSSL_MIN_API
#define OPENSSL_MIN_API 0
#endif
#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
#undef OPENSSL_API_COMPAT
#define OPENSSL_API_COMPAT OPENSSL_MIN_API
#endif
#if OPENSSL_API_COMPAT < 0x10100000L
# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
#else
# define DEPRECATEDIN_1_1_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x10000000L
# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
#else
# define DEPRECATEDIN_1_0_0(f)
#endif #endif
/* Test for support for deprecated attribute */ #if OPENSSL_API_COMPAT < 0x00908000L
#if __GNUC__ > 3 || \ # define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
(__GNUC__ == 3 && __GNUC_MINOR__ > 0)
#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated))
#else #else
#define DECLARE_DEPRECATED(f) f # define DEPRECATEDIN_0_9_8(f)
#endif #endif
/* Generate 80386 code? */ /* Generate 80386 code? */
......
...@@ -128,6 +128,7 @@ ...@@ -128,6 +128,7 @@
# include <time.h> # include <time.h>
#endif #endif
#include <openssl/opensslconf.h>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/async.h> #include <openssl/async.h>
...@@ -172,7 +173,7 @@ static int rand_seed(const void *buf, int num); ...@@ -172,7 +173,7 @@ static int rand_seed(const void *buf, int num);
static int rand_add(const void *buf, int num, double add_entropy); static int rand_add(const void *buf, int num, double add_entropy);
static int rand_bytes(unsigned char *buf, int num, int pseudo); static int rand_bytes(unsigned char *buf, int num, int pseudo);
static int rand_nopseudo_bytes(unsigned char *buf, int num); static int rand_nopseudo_bytes(unsigned char *buf, int num);
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10100000L
static int rand_pseudo_bytes(unsigned char *buf, int num); static int rand_pseudo_bytes(unsigned char *buf, int num);
#endif #endif
static int rand_status(void); static int rand_status(void);
...@@ -182,7 +183,7 @@ static RAND_METHOD rand_meth = { ...@@ -182,7 +183,7 @@ static RAND_METHOD rand_meth = {
rand_nopseudo_bytes, rand_nopseudo_bytes,
rand_cleanup, rand_cleanup,
rand_add, rand_add,
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10100000L
rand_pseudo_bytes, rand_pseudo_bytes,
#else #else
NULL, NULL,
...@@ -627,7 +628,7 @@ static int rand_nopseudo_bytes(unsigned char *buf, int num) ...@@ -627,7 +628,7 @@ static int rand_nopseudo_bytes(unsigned char *buf, int num)
return rand_bytes(buf, num, 0); return rand_bytes(buf, num, 0);
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10100000L
/* /*
* pseudo-random bytes that are guaranteed to be unique but not unpredictable * pseudo-random bytes that are guaranteed to be unique but not unpredictable
*/ */
......
...@@ -59,6 +59,7 @@ ...@@ -59,6 +59,7 @@
#include <stdio.h> #include <stdio.h>
#include <time.h> #include <time.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include <openssl/opensslconf.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
...@@ -159,7 +160,7 @@ int RAND_bytes(unsigned char *buf, int num) ...@@ -159,7 +160,7 @@ int RAND_bytes(unsigned char *buf, int num)
return (-1); return (-1);
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10100000L
int RAND_pseudo_bytes(unsigned char *buf, int num) int RAND_pseudo_bytes(unsigned char *buf, int num)
{ {
const RAND_METHOD *meth = RAND_get_rand_method(); const RAND_METHOD *meth = RAND_get_rand_method();
......
...@@ -61,10 +61,11 @@ ...@@ -61,10 +61,11 @@
#include <stdio.h> #include <stdio.h>
#include <time.h> #include <time.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include <openssl/opensslconf.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
#ifdef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT >= 0x00908000L
static void *dummy = &dummy; static void *dummy = &dummy;
......
...@@ -115,8 +115,9 @@ ...@@ -115,8 +115,9 @@
*/ */
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10000000L
static unsigned long (*id_callback) (void) = 0; static unsigned long (*id_callback) (void) = 0;
#endif #endif
static void (*threadid_callback) (CRYPTO_THREADID *) = 0; static void (*threadid_callback) (CRYPTO_THREADID *) = 0;
...@@ -189,7 +190,7 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id) ...@@ -189,7 +190,7 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
threadid_callback(id); threadid_callback(id);
return; return;
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10000000L
/* If the deprecated callback was set, fall back to that */ /* If the deprecated callback was set, fall back to that */
if (id_callback) { if (id_callback) {
CRYPTO_THREADID_set_numeric(id, id_callback()); CRYPTO_THREADID_set_numeric(id, id_callback());
...@@ -220,7 +221,7 @@ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id) ...@@ -220,7 +221,7 @@ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
return id->val; return id->val;
} }
#ifndef OPENSSL_NO_DEPRECATED #if OPENSSL_API_COMPAT < 0x10000000L
unsigned long (*CRYPTO_get_id_callback(void)) (void) { unsigned long (*CRYPTO_get_id_callback(void)) (void) {
return (id_callback); return (id_callback);
} }
......
...@@ -22,10 +22,6 @@ functions. ...@@ -22,10 +22,6 @@ functions.
BN_CTX *ctx); BN_CTX *ctx);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *ctx); BN_CTX *ctx);
#ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
#endif
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
...@@ -35,6 +31,13 @@ functions. ...@@ -35,6 +31,13 @@ functions.
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx); BN_MONT_CTX *m_ctx);
Deprecated:
#if OPENSSL_API_COMPAT < 0x10000000L
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
BN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies BN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies
......
...@@ -35,6 +35,7 @@ for primality ...@@ -35,6 +35,7 @@ for primality
Deprecated: Deprecated:
#if OPENSSL_API_COMPAT < 0x00908000L
BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add, BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg); BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
...@@ -44,6 +45,7 @@ Deprecated: ...@@ -44,6 +45,7 @@ Deprecated:
int BN_is_prime_fasttest(const BIGNUM *a, int checks, int BN_is_prime_fasttest(const BIGNUM *a, int checks,
void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
int do_trial_division); int do_trial_division);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
......
...@@ -9,7 +9,7 @@ operations ...@@ -9,7 +9,7 @@ operations
#include <openssl/bn.h> #include <openssl/bn.h>
int BN_zero(BIGNUM *a); void BN_zero(BIGNUM *a);
int BN_one(BIGNUM *a); int BN_one(BIGNUM *a);
const BIGNUM *BN_value_one(void); const BIGNUM *BN_value_one(void);
...@@ -17,6 +17,12 @@ operations ...@@ -17,6 +17,12 @@ operations
int BN_set_word(BIGNUM *a, unsigned long w); int BN_set_word(BIGNUM *a, unsigned long w);
unsigned long BN_get_word(BIGNUM *a); unsigned long BN_get_word(BIGNUM *a);
Deprecated:
#if OPENSSL_API_COMPAT < 0x00908000L
int BN_zero(BIGNUM *a);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
BN_zero(), BN_one() and BN_set_word() set B<a> to the values 0, 1 and BN_zero(), BN_one() and BN_set_word() set B<a> to the values 0, 1 and
...@@ -33,8 +39,10 @@ long. ...@@ -33,8 +39,10 @@ long.
BN_get_word() returns the value B<a>, and 0xffffffffL if B<a> cannot BN_get_word() returns the value B<a>, and 0xffffffffL if B<a> cannot
be represented as an unsigned long. be represented as an unsigned long.
BN_zero(), BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_one(), BN_set_word() and the deprecated version of BN_zero()
return 1 on success, 0 otherwise.
BN_value_one() returns the constant. BN_value_one() returns the constant.
The preferred version of BN_zer() never fails and returns no value.
=head1 BUGS =head1 BUGS
......
...@@ -16,8 +16,10 @@ DH_check - generate and check Diffie-Hellman parameters ...@@ -16,8 +16,10 @@ DH_check - generate and check Diffie-Hellman parameters
Deprecated: Deprecated:
#if OPENSSL_API_COMPAT < 0x00908000L
DH *DH_generate_parameters(int prime_len, int generator, DH *DH_generate_parameters(int prime_len, int generator,
void (*callback)(int, int, void *), void *cb_arg); void (*callback)(int, int, void *), void *cb_arg);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
......
...@@ -14,9 +14,11 @@ DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters ...@@ -14,9 +14,11 @@ DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters
Deprecated: Deprecated:
#if OPENSSL_API_COMPAT < 0x00908000L
DSA *DSA_generate_parameters(int bits, unsigned char *seed, DSA *DSA_generate_parameters(int bits, unsigned char *seed,
int seed_len, int *counter_ret, unsigned long *h_ret, int seed_len, int *counter_ret, unsigned long *h_ret,
void (*callback)(int, int, void *), void *cb_arg); void (*callback)(int, int, void *), void *cb_arg);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
......
...@@ -12,7 +12,9 @@ ERR_remove_thread_state, ERR_remove_state - free a thread's error queue ...@@ -12,7 +12,9 @@ ERR_remove_thread_state, ERR_remove_state - free a thread's error queue
Deprecated: Deprecated:
#if OPENSSL_API_COMPAT < 0x10000000L
void ERR_remove_state(unsigned long pid); void ERR_remove_state(unsigned long pid);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
......
...@@ -12,7 +12,9 @@ RAND_bytes, RAND_pseudo_bytes - generate random data ...@@ -12,7 +12,9 @@ RAND_bytes, RAND_pseudo_bytes - generate random data
Deprecated: Deprecated:
#if OPENSSL_API_COMPAT < 0x10100000L
int RAND_pseudo_bytes(unsigned char *buf, int num); int RAND_pseudo_bytes(unsigned char *buf, int num);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
......
...@@ -12,8 +12,10 @@ RSA_generate_key_ex, RSA_generate_key - generate RSA key pair ...@@ -12,8 +12,10 @@ RSA_generate_key_ex, RSA_generate_key - generate RSA key pair
Deprecated: Deprecated:
#if OPENSSL_API_COMPAT < 0x00908000L
RSA *RSA_generate_key(int num, unsigned long e, RSA *RSA_generate_key(int num, unsigned long e,
void (*callback)(int,int,void *), void *cb_arg); void (*callback)(int,int,void *), void *cb_arg);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
......
...@@ -22,6 +22,7 @@ err - error codes ...@@ -22,6 +22,7 @@ err - error codes
int ERR_GET_REASON(unsigned long e); int ERR_GET_REASON(unsigned long e);
void ERR_clear_error(void); void ERR_clear_error(void);
void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
char *ERR_error_string(unsigned long e, char *buf); char *ERR_error_string(unsigned long e, char *buf);
const char *ERR_lib_error_string(unsigned long e); const char *ERR_lib_error_string(unsigned long e);
...@@ -34,8 +35,6 @@ err - error codes ...@@ -34,8 +35,6 @@ err - error codes
void ERR_load_crypto_strings(void); void ERR_load_crypto_strings(void);
void ERR_free_strings(void); void ERR_free_strings(void);
void ERR_remove_state(unsigned long pid);
void ERR_put_error(int lib, int func, int reason, const char *file, void ERR_put_error(int lib, int func, int reason, const char *file,
int line); int line);
void ERR_add_error_data(int num, ...); void ERR_add_error_data(int num, ...);
...@@ -44,6 +43,12 @@ err - error codes ...@@ -44,6 +43,12 @@ err - error codes
unsigned long ERR_PACK(int lib, int func, int reason); unsigned long ERR_PACK(int lib, int func, int reason);
int ERR_get_next_error_library(void); int ERR_get_next_error_library(void);
Deprecated:
#if OPENSSL_API_COMPAT < 0x10000000L
void ERR_remove_state(unsigned long pid);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
When a call to the OpenSSL library fails, this is usually signaled When a call to the OpenSSL library fails, this is usually signaled
...@@ -62,7 +67,7 @@ messages is described in L<ERR_error_string(3)>. ...@@ -62,7 +67,7 @@ messages is described in L<ERR_error_string(3)>.
L<ERR_clear_error(3)> can be used to clear the L<ERR_clear_error(3)> can be used to clear the
error queue. error queue.
Note that L<ERR_remove_state(3)> should be used to Note that L<ERR_remove_thread_state(3)> should be used to
avoid memory leaks when threads are terminated. avoid memory leaks when threads are terminated.
=head1 ADDING NEW ERROR CODES TO OPENSSL =head1 ADDING NEW ERROR CODES TO OPENSSL
...@@ -178,7 +183,7 @@ L<ERR_clear_error(3)>, ...@@ -178,7 +183,7 @@ L<ERR_clear_error(3)>,
L<ERR_error_string(3)>, L<ERR_error_string(3)>,
L<ERR_print_errors(3)>, L<ERR_print_errors(3)>,
L<ERR_load_crypto_strings(3)>, L<ERR_load_crypto_strings(3)>,
L<ERR_remove_state(3)>, L<ERR_remove_thread_state(3)>,
L<ERR_put_error(3)>, L<ERR_put_error(3)>,
L<ERR_load_strings(3)>, L<ERR_load_strings(3)>,
L<SSL_get_error(3)> L<SSL_get_error(3)>
......
...@@ -15,8 +15,6 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC ...@@ -15,8 +15,6 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC
HMAC_CTX *HMAC_CTX_new(void); HMAC_CTX *HMAC_CTX_new(void);
int HMAC_CTX_reset(HMAC_CTX *ctx); int HMAC_CTX_reset(HMAC_CTX *ctx);
int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
const EVP_MD *md);
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
const EVP_MD *md, ENGINE *impl); const EVP_MD *md, ENGINE *impl);
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
...@@ -24,6 +22,13 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC ...@@ -24,6 +22,13 @@ HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC
void HMAC_CTX_free(HMAC_CTX *ctx); void HMAC_CTX_free(HMAC_CTX *ctx);
Deprecated:
#if OPENSSL_API_COMPAT < 0x10100000L
int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
const EVP_MD *md);
#endif
=head1 DESCRIPTION =head1 DESCRIPTION
HMAC is a MAC (message authentication code), i.e. a keyed hash HMAC is a MAC (message authentication code), i.e. a keyed hash
......
...@@ -61,6 +61,7 @@ ...@@ -61,6 +61,7 @@
# include <time.h> # include <time.h>
# include <openssl/e_os2.h> # include <openssl/e_os2.h>
# include <openssl/opensslconf.h>
# include <openssl/bio.h> # include <openssl/bio.h>
# include <openssl/stack.h> # include <openssl/stack.h>
# include <openssl/safestack.h> # include <openssl/safestack.h>
...@@ -68,7 +69,7 @@ ...@@ -68,7 +69,7 @@
# include <openssl/symhacks.h> # include <openssl/symhacks.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h> # include <openssl/bn.h>
# endif # endif
......
...@@ -129,6 +129,7 @@ ...@@ -129,6 +129,7 @@
# ifndef OPENSSL_NO_STDIO # ifndef OPENSSL_NO_STDIO
# include <stdio.h> /* FILE */ # include <stdio.h> /* FILE */
# endif # endif
# include <openssl/opensslconf.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# include <openssl/crypto.h> # include <openssl/crypto.h>
...@@ -270,14 +271,10 @@ extern "C" { ...@@ -270,14 +271,10 @@ extern "C" {
# define BN_FLG_CONSTTIME 0x04 # define BN_FLG_CONSTTIME 0x04
# define BN_FLG_SECURE 0x08 # define BN_FLG_SECURE 0x08
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x00908000L
/* deprecated name for the flag */ /* deprecated name for the flag */
# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME # define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
# endif # define BN_FLG_FREE 0x8000 /* used for debuging */
# ifdef OPENSSL_USE_DEPRECATED
# define BN_FLG_FREE 0x8000
/* used for debuging */
# endif # endif
void BN_set_flags(BIGNUM *b, int n); void BN_set_flags(BIGNUM *b, int n);
...@@ -343,7 +340,7 @@ int BN_is_odd(const BIGNUM *a); ...@@ -343,7 +340,7 @@ int BN_is_odd(const BIGNUM *a);
void BN_zero_ex(BIGNUM *a); void BN_zero_ex(BIGNUM *a);
# ifndef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT >= 0x00908000L
# define BN_zero(a) BN_zero_ex(a) # define BN_zero(a) BN_zero_ex(a)
# else # else
# define BN_zero(a) (BN_set_word((a),0)) # define BN_zero(a) (BN_set_word((a),0))
...@@ -475,23 +472,21 @@ BIGNUM *BN_mod_sqrt(BIGNUM *ret, ...@@ -475,23 +472,21 @@ BIGNUM *BN_mod_sqrt(BIGNUM *ret,
void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
/* Deprecated versions */ /* Deprecated versions */
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_0_9_8(BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
DECLARE_DEPRECATED(BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *add,
const BIGNUM *rem, const BIGNUM *rem,
void (*callback) (int, int, void (*callback) (int, int,
void *), void *),
void *cb_arg)); void *cb_arg))
DECLARE_DEPRECATED(int DEPRECATEDIN_0_9_8(int
BN_is_prime(const BIGNUM *p, int nchecks, BN_is_prime(const BIGNUM *p, int nchecks,
void (*callback) (int, int, void *), void (*callback) (int, int, void *),
BN_CTX *ctx, void *cb_arg)); BN_CTX *ctx, void *cb_arg))
DECLARE_DEPRECATED(int DEPRECATEDIN_0_9_8(int
BN_is_prime_fasttest(const BIGNUM *p, int nchecks, BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
void (*callback) (int, int, void *), void (*callback) (int, int, void *),
BN_CTX *ctx, void *cb_arg, BN_CTX *ctx, void *cb_arg,
int do_trial_division)); int do_trial_division))
# endif /* defined(OPENSSL_USE_DEPRECATED) */
/* Newer versions */ /* Newer versions */
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
...@@ -535,12 +530,10 @@ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); ...@@ -535,12 +530,10 @@ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *); BN_CTX *);
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_1_0_0(unsigned long
DECLARE_DEPRECATED(unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *))
BN_BLINDING_get_thread_id(const BN_BLINDING *)); DEPRECATEDIN_1_0_0(void
DECLARE_DEPRECATED(void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long))
BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long));
# endif
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
...@@ -554,11 +547,9 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, ...@@ -554,11 +547,9 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx); BN_MONT_CTX *m_ctx);
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_0_9_8(void BN_set_params(int mul, int high, int low, int mont))
DECLARE_DEPRECATED(void BN_set_params(int mul, int high, int low, int mont)); DEPRECATEDIN_0_9_8(int BN_get_params(int which)) /* 0, mul, 1 high, 2 low, 3
DECLARE_DEPRECATED(int BN_get_params(int which)); /* 0, mul, 1 high, 2 low, 3
* mont */ * mont */
# endif
BN_RECP_CTX *BN_RECP_CTX_new(void); BN_RECP_CTX *BN_RECP_CTX_new(void);
void BN_RECP_CTX_free(BN_RECP_CTX *recp); void BN_RECP_CTX_free(BN_RECP_CTX *recp);
......
...@@ -130,6 +130,7 @@ ...@@ -130,6 +130,7 @@
# include <openssl/safestack.h> # include <openssl/safestack.h>
# include <openssl/opensslv.h> # include <openssl/opensslv.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# include <openssl/opensslconf.h>
# ifdef CHARSET_EBCDIC # ifdef CHARSET_EBCDIC
# include <openssl/ebcdic.h> # include <openssl/ebcdic.h>
...@@ -141,10 +142,25 @@ ...@@ -141,10 +142,25 @@
*/ */
# include <openssl/symhacks.h> # include <openssl/symhacks.h>
# if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/opensslv.h>
# endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
# if OPENSSL_API_COMPAT < 0x10100000L
# define SSLeay OpenSSL_version_num
# define SSLeay_version OpenSSL_version
# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
# define SSLEAY_VERSION OPENSSL_VERSION
# define SSLEAY_CFLAGS OPENSSL_CFLAGS
# define SSLEAY_BUILT_ON OPENSSL_BUILT_ON
# define SSLEAY_PLATFORM OPENSSL_PLATFORM
# define SSLEAY_DIR OPENSSL_DIR
# endif /* OPENSSL_API_COMPAT */
/* /*
* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock * When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
* names in cryptlib.c * names in cryptlib.c
...@@ -414,15 +430,15 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id); ...@@ -414,15 +430,15 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b); int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src); void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_1_0_0(void CRYPTO_set_id_callback(unsigned long (*func) (void)))
DECLARE_DEPRECATED(void CRYPTO_set_id_callback(unsigned long (*func) (void)));
/* /*
* mkdef.pl cannot handle this next one so not inside DECLARE_DEPRECATED, * mkdef.pl cannot handle this next one so not inside DEPRECATEDIN_1_0_0,
* but still inside OPENSSL_USE_DEPRECATED * but still conditional on a lower or unknown source API version.
*/ */
# if OPENSSL_API_COMPAT < 0x10000000L
unsigned long (*CRYPTO_get_id_callback(void)) (void); unsigned long (*CRYPTO_get_id_callback(void)) (void);
DECLARE_DEPRECATED(unsigned long CRYPTO_thread_id(void));
# endif # endif
DEPRECATEDIN_1_0_0(unsigned long CRYPTO_thread_id(void))
const char *CRYPTO_get_lock_name(int type); const char *CRYPTO_get_lock_name(int type);
int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
......
...@@ -60,6 +60,7 @@ ...@@ -60,6 +60,7 @@
# define HEADER_DH_H # define HEADER_DH_H
# include <openssl/e_os2.h> # include <openssl/e_os2.h>
# include <openssl/opensslconf.h>
# ifdef OPENSSL_NO_DH # ifdef OPENSSL_NO_DH
# error DH is disabled. # error DH is disabled.
...@@ -67,7 +68,7 @@ ...@@ -67,7 +68,7 @@
# include <openssl/bio.h> # include <openssl/bio.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h> # include <openssl/bn.h>
# endif # endif
...@@ -209,12 +210,10 @@ int DH_set_ex_data(DH *d, int idx, void *arg); ...@@ -209,12 +210,10 @@ int DH_set_ex_data(DH *d, int idx, void *arg);
void *DH_get_ex_data(DH *d, int idx); void *DH_get_ex_data(DH *d, int idx);
/* Deprecated version */ /* Deprecated version */
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_0_9_8(DH *DH_generate_parameters(int prime_len, int generator,
DECLARE_DEPRECATED(DH *DH_generate_parameters(int prime_len, int generator,
void (*callback) (int, int, void (*callback) (int, int,
void *), void *),
void *cb_arg)); void *cb_arg))
# endif /* defined(OPENSSL_USE_DEPRECATED) */
/* New version */ /* New version */
int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
......
...@@ -73,8 +73,9 @@ ...@@ -73,8 +73,9 @@
# include <openssl/bio.h> # include <openssl/bio.h>
# include <openssl/crypto.h> # include <openssl/crypto.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# include <openssl/opensslconf.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h> # include <openssl/bn.h>
# ifndef OPENSSL_NO_DH # ifndef OPENSSL_NO_DH
# include <openssl/dh.h> # include <openssl/dh.h>
...@@ -222,16 +223,14 @@ DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); ...@@ -222,16 +223,14 @@ DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
/* Deprecated version */ /* Deprecated version */
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_0_9_8(DSA *DSA_generate_parameters(int bits,
DECLARE_DEPRECATED(DSA *DSA_generate_parameters(int bits,
unsigned char *seed, unsigned char *seed,
int seed_len, int seed_len,
int *counter_ret, int *counter_ret,
unsigned long *h_ret, void unsigned long *h_ret, void
(*callback) (int, int, (*callback) (int, int,
void *), void *),
void *cb_arg)); void *cb_arg))
# endif /* defined(OPENSSL_USE_DEPRECATED) */
/* New version */ /* New version */
int DSA_generate_parameters_ex(DSA *dsa, int bits, int DSA_generate_parameters_ex(DSA *dsa, int bits,
......
...@@ -85,7 +85,7 @@ ...@@ -85,7 +85,7 @@
# include <openssl/asn1.h> # include <openssl/asn1.h>
# include <openssl/symhacks.h> # include <openssl/symhacks.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h> # include <openssl/bn.h>
# endif # endif
......
...@@ -71,7 +71,7 @@ ...@@ -71,7 +71,7 @@
# error ENGINE is disabled. # error ENGINE is disabled.
# endif # endif
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h> # include <openssl/bn.h>
# ifndef OPENSSL_NO_RSA # ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h> # include <openssl/rsa.h>
......
...@@ -351,10 +351,8 @@ void ERR_load_crypto_strings(void); ...@@ -351,10 +351,8 @@ void ERR_load_crypto_strings(void);
void ERR_free_strings(void); void ERR_free_strings(void);
void ERR_remove_thread_state(const CRYPTO_THREADID *tid); void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid)) /* if zero we
DECLARE_DEPRECATED(void ERR_remove_state(unsigned long pid)); /* if zero we
* look it up */ * look it up */
# endif
ERR_STATE *ERR_get_state(void); ERR_STATE *ERR_get_state(void);
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void); LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
......
...@@ -73,13 +73,9 @@ HMAC_CTX *HMAC_CTX_new(void); ...@@ -73,13 +73,9 @@ HMAC_CTX *HMAC_CTX_new(void);
int HMAC_CTX_reset(HMAC_CTX *ctx); int HMAC_CTX_reset(HMAC_CTX *ctx);
void HMAC_CTX_free(HMAC_CTX *ctx); void HMAC_CTX_free(HMAC_CTX *ctx);
#ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_1_1_0(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md))
/* deprecated */
DECLARE_DEPRECATED(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md));
#endif
/*__owur*/ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, /*__owur*/ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl); const EVP_MD *md, ENGINE *impl);
/*__owur*/ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, /*__owur*/ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
......
...@@ -95,9 +95,7 @@ int RAND_set_rand_engine(ENGINE *engine); ...@@ -95,9 +95,7 @@ int RAND_set_rand_engine(ENGINE *engine);
RAND_METHOD *RAND_OpenSSL(void); RAND_METHOD *RAND_OpenSSL(void);
void RAND_cleanup(void); void RAND_cleanup(void);
int RAND_bytes(unsigned char *buf, int num); int RAND_bytes(unsigned char *buf, int num);
#ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num))
DECLARE_DEPRECATED(int RAND_pseudo_bytes(unsigned char *buf, int num));
#endif
void RAND_seed(const void *buf, int num); void RAND_seed(const void *buf, int num);
#if defined(__ANDROID__) && defined(__NDK_FPABI__) #if defined(__ANDROID__) && defined(__NDK_FPABI__)
__NDK_FPABI__ /* __attribute__((pcs("aapcs"))) on ARM */ __NDK_FPABI__ /* __attribute__((pcs("aapcs"))) on ARM */
......
...@@ -59,12 +59,13 @@ ...@@ -59,12 +59,13 @@
#ifndef HEADER_RSA_H #ifndef HEADER_RSA_H
# define HEADER_RSA_H # define HEADER_RSA_H
# include <openssl/opensslconf.h>
# include <openssl/asn1.h> # include <openssl/asn1.h>
# include <openssl/bio.h> # include <openssl/bio.h>
# include <openssl/crypto.h> # include <openssl/crypto.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h> # include <openssl/bn.h>
# endif # endif
...@@ -212,7 +213,7 @@ struct rsa_st { ...@@ -212,7 +213,7 @@ struct rsa_st {
* private key operations. * private key operations.
*/ */
# define RSA_FLAG_NO_CONSTTIME 0x0100 # define RSA_FLAG_NO_CONSTTIME 0x0100
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x00908000L
/* deprecated name for the flag*/ /* deprecated name for the flag*/
/* /*
* new with 0.9.7h; the built-in RSA * new with 0.9.7h; the built-in RSA
...@@ -316,11 +317,9 @@ int RSA_size(const RSA *rsa); ...@@ -316,11 +317,9 @@ int RSA_size(const RSA *rsa);
int RSA_security_bits(const RSA *rsa); int RSA_security_bits(const RSA *rsa);
/* Deprecated version */ /* Deprecated version */
# ifdef OPENSSL_USE_DEPRECATED DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
DECLARE_DEPRECATED(RSA *RSA_generate_key(int bits, unsigned long e, void
(*callback) (int, int, void *), (*callback) (int, int, void *),
void *cb_arg)); void *cb_arg))
# endif /* defined(OPENSSL_USE_DEPRECATED) */
/* New version */ /* New version */
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
......
...@@ -144,10 +144,11 @@ ...@@ -144,10 +144,11 @@
# define HEADER_SSL_H # define HEADER_SSL_H
# include <openssl/e_os2.h> # include <openssl/e_os2.h>
# include <openssl/opensslconf.h>
# include <openssl/comp.h> # include <openssl/comp.h>
# include <openssl/bio.h> # include <openssl/bio.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/x509.h> # include <openssl/x509.h>
# include <openssl/crypto.h> # include <openssl/crypto.h>
# include <openssl/lhash.h> # include <openssl/lhash.h>
......
...@@ -67,7 +67,7 @@ ...@@ -67,7 +67,7 @@
# endif # endif
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/evp.h> # include <openssl/evp.h>
# include <openssl/bn.h> # include <openssl/bn.h>
# include <openssl/x509.h> # include <openssl/x509.h>
......
...@@ -60,11 +60,12 @@ ...@@ -60,11 +60,12 @@
#ifndef HEADER_UI_H #ifndef HEADER_UI_H
# define HEADER_UI_H # define HEADER_UI_H
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/crypto.h> # include <openssl/crypto.h>
# endif # endif
# include <openssl/safestack.h> # include <openssl/safestack.h>
# include <openssl/ossl_typ.h> # include <openssl/ossl_typ.h>
# include <openssl/opensslconf.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
......
...@@ -65,6 +65,7 @@ ...@@ -65,6 +65,7 @@
# define HEADER_X509_H # define HEADER_X509_H
# include <openssl/e_os2.h> # include <openssl/e_os2.h>
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h> # include <openssl/symhacks.h>
# include <openssl/buffer.h> # include <openssl/buffer.h>
# include <openssl/evp.h> # include <openssl/evp.h>
...@@ -77,7 +78,7 @@ ...@@ -77,7 +78,7 @@
# include <openssl/ec.h> # include <openssl/ec.h>
# endif # endif
# ifdef OPENSSL_USE_DEPRECATED # if OPENSSL_API_COMPAT < 0x10100000L
# ifndef OPENSSL_NO_RSA # ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h> # include <openssl/rsa.h>
# endif # endif
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册